Vulners
Lucene search
π Vvveb CMS 1.0.5 Insecure Direct Object Reference
ποΈΒ 10 Mar 2026Β 00:00:00Reported byΒ indoushkaTypeΒ 
Β packetstormπΒ packetstorm.newsπΒ 70Β Views
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | Exploit for Injection in Vvveb | 29 Sep 202516:51 | β | githubexploit |
 | CVE-2025-8518 | 29 Sep 202516:59 | β | circl |
 | Vvveb 注ε ₯ζΌζ΄ | 4 Aug 202500:00 | β | cnnvd |
 | CVE-2025-8518 | 4 Aug 202517:02 | β | cve |
 | CVE-2025-8518 givanz Vvveb Code Editor code.php save code injection | 4 Aug 202517:02 | β | cvelist |
 | EUVD-2025-23521 | 3 Oct 202520:07 | β | euvd |
 | Remote Code Execution Vulnerability in Vvveb | 22 Oct 202518:54 | β | metasploit |
 | CVE-2025-8518 | 4 Aug 202517:15 | β | nvd |
| π Vvveb CMS 1.0.5 Remote Code Execution | 22 Oct 202500:00 | β | packetstorm |
| π Vvveb CMS 1.0.5 Command Injection | 11 Mar 202600:00 | β | packetstorm |
10
=============================================================================================================================================
| # Title : Vvveb CMS 1.0.5 idor |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 145.0.2 (64 bits) |
| # Vendor : https://www.vvveb.com/ |
=============================================================================================================================================
[+] References : https://packetstorm.news/files/id/210781/ & CVE-2025-8518
[+] Summary : suffers from an insecure direct object reference that allows users to access the administrative interface.
[+] POC : Payload = /admin/?admin&module
use = https://127.0.0.1/nicolinc.couk/admin/?admin&module
Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
===================================================================================================
=============================================================================================================================================
| # Title : Vvveb CMS 1.0.7.3 Idor |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 145.0.2 (64 bits) |
| # Vendor : https://www.vvveb.com/update.json |
=============================================================================================================================================
[+] References : https://packetstorm.news/files/id/210781/ & CVE-2025-8518
[+] Summary : suffers from an insecure direct object reference that allows users to access the administrative interface Without Interact.
[+] POC : Payload = /admin/?admin&module
use = https://127.0.0.1/nicolinc.couk/admin/?admin&module
Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
===================================================================================================Data
Build on a solid foundation withΒ Vulners data
WeΒ provide theΒ essential building blocks forΒ cybersecurity solutions withΒ comprehensive, structured, andΒ constantly updated vulnerability andΒ exploits data
Api
Power your application withΒ Vulners API
The Vulners REST API offers reliable, high-performance access toΒ vulnerabilityΒ intelligence, withΒ 99.9%Β SLAΒ uptime andΒ CDN-backed data delivery forΒ seamlessΒ global access
App
Assess and manage vulnerabilities withΒ VulnersΒ tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
10 Mar 2026 00:00Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.14.7 - 7.2
CVSS 45.1
CVSS 25.8
CVSS 34.7
EPSS0.37891
SSVC